CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2019-9631 – poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc
https://notcve.org/view.php?id=CVE-2019-9631
08 Mar 2019 — Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. Poppler en su versión 0.74.0, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en la función CairoRescaleBox.cc downsample_row_box_filter. Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Issues addressed include buffer overflow and null pointer vulnerabilities. • https://access.redhat.com/errata/RHSA-2019:2022 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 8%CPEs: 35EXPL: 2CVE-2019-8936 – Ubuntu Security Notice USN-4563-2
https://notcve.org/view.php?id=CVE-2019-8936
08 Mar 2019 — NTP through 4.2.8p12 has a NULL Pointer Dereference. NTP hasta 4.2.8p12 tiene una desreferencia del puntero NULL. A crafted malicious authenticated mode 6 packet from a permitted network address can trigger a NULL pointer dereference. Note for this attack to work, the sending system must be on an address from which the target ntpd(8) accepts mode 6 packets, and must use a private key that is specifically listed as being used for mode 6 authorization. The ntpd daemon can crash due to the NULL pointer derefer... • https://github.com/snappyJack/CVE-2019-8936 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 2CVE-2018-14498 – libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service
https://notcve.org/view.php?id=CVE-2018-14498
07 Mar 2019 — get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries. get_8bit_row en rdbmp.c en libjpeg-turbo, hasta la versión 1.5.90, y MozJPEG, hasta la versión 3.3.1, permite a los atacantes provocar una denegación de servicio (sobrelectura de búfer basada en memoria dinámica [he... • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2019-8376
https://notcve.org/view.php?id=CVE-2019-8376
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Se ha descubierto un problema en Tcpreplay 4.3.1. • http://www.securityfocus.com/bid/107085 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 2CVE-2019-8377
https://notcve.org/view.php?id=CVE-2019-8377
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Se ha descubierto un problema en Tcpreplay 4.3.1. • http://www.securityfocus.com/bid/107085 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2019-8381
https://notcve.org/view.php?id=CVE-2019-8381
17 Feb 2019 — An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Se ha descubierto un problema en Tcpreplay 4.3.1. • https://github.com/appneta/tcpreplay/issues/538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 2CVE-2019-7221 – Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
https://notcve.org/view.php?id=CVE-2019-7221
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene un uso de memoria previamente liberada. A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. • https://packetstorm.news/files/id/151713 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 2CVE-2019-7222 – Kernel: KVM: leak of uninitialized stack contents to guest
https://notcve.org/view.php?id=CVE-2019-7222
16 Feb 2019 — The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información. An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory co... • https://packetstorm.news/files/id/151712 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 6%CPEs: 8EXPL: 0CVE-2019-6975 – Ubuntu Security Notice USN-3890-1
https://notcve.org/view.php?id=CVE-2019-6975
11 Feb 2019 — Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. Django, en versiones 1.11.x anteriores a la 1.11.19, versiones 2.0.x anteriores a la 2.0.11 y versiones 2.1.x anteriores a la 2.1.6, permite el consumo incontrolado de memoria mediante un valor malicioso proporcionado por el atacante a la función django.utils.numberformat.format(). Three security issues we... • http://www.securityfocus.com/bid/106964 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-7639
https://notcve.org/view.php?id=CVE-2019-7639
08 Feb 2019 — An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file. Se ha descubierto un problema en gsi-openssh-server 7.9p1 en Fedora 29. Si PermitPAMUserChange está configurado como "yes" en el archivo /etc/gsissh/sshd_config, los inicios de sesión se realizan con éxito con un nombre de usuario válido... • https://bugzilla.redhat.com/show_bug.cgi?id=1673802 • CWE-863: Incorrect Authorization •